CVE-2026-28969

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions prior to 26.5 visionOS versions prior to 26.5 watchOS versions prior to 26.5

Description A use-after-free race condition exists in the IOKit framework, specifically within the IOTimeSyncFamily kernel extension and the IOTimeSyncClockManager component. A use-after-free is a memory corruption issue that occurs when an application continues to use a pointer after the memory it points to has been freed. This flaw may allow an app to cause unexpected system termination.

Recommendations Update iOS to version 18.7.9 or 26.5 Update iPadOS to version 18.7.9 or 26.5 Update macOS Sequoia to version 15.7.7 Update macOS Sonoma to version 14.8.7 Update macOS Tahoe to version 26.5 Update tvOS to version 26.5 Update visionOS to version 26.5 Update watchOS to version 26.5